package org.javaforever.cookieshop.shiro;

import java.io.Serializable;
import java.util.Enumeration;

import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.Cookie;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;

import org.javaforever.cookieshop.utils.StringUtil;

/**
* @author by. 不笑猫丶
* @date 2018年12月12日
* 自定义session获取
*/
public class MySessionManager  extends DefaultWebSessionManager {

    //private static final Logger logger = LoggerFactory.getLogger(MySessionManager.class);

    private static final String AUTHORIZATION = "Authorization";

    private static final String REFERENCED_SESSION_ID_SOURCE = "Stateless request";

    public MySessionManager() {
        super();
    }
    
    public String getQuerySessionId(String queryString) {
        if (!StringUtil.isBlank(queryString)) {
            String[] mytokens;
            if (queryString.contains("&")) {
                mytokens = queryString.split("&");
            }else {
                mytokens = new String [1];
                mytokens[0] = queryString;
            }
            if (mytokens!=null) {
                for (int i = 0; i < mytokens.length; i++) {
                    if (mytokens[i].contains("token")) {
                        String[] tokens = mytokens[i].split("=");
                        return tokens[1];
                    }
                }
            }
        }
        return "";
    }

    @Override
    protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
        //String id = WebUtils.toHttp(request).getHeader(AUTHORIZATION);
        String qstr = WebUtils.toHttp(request).getQueryString();
        String id =  getQuerySessionId(qstr);
        
//        Enumeration<String> xToken = WebUtils.toHttp(request).getHeaderNames();
//
//        while( xToken.hasMoreElements()) {
//        	String str = xToken.nextElement();
//        	System.out.println(str);
//        	System.out.println(WebUtils.toHttp(request).getHeader(str));
//        }
//
//        Cookie [] cookies = WebUtils.toHttp(request).getCookies();
//        if (cookies!=null) {
//	        for (Cookie c:cookies) {
//	        	System.out.println(c.getName()+":cookie:"+c.getValue());
//	        }
//        }

        String myToken = WebUtils.toHttp(request).getHeader("X-Token");
        if (!StringUtil.isBlank(myToken)) id = myToken;
        //if (!StringUtil.isBlank(xToken)) id = xToken;
        //如果请求头中有 Authorization 则其值为sessionId
        if (!StringUtils.isEmpty(id)) {
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE, REFERENCED_SESSION_ID_SOURCE);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, id);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
        // logger.info("Session管理器检测到AUTHORIZATION token 使用此token作为Session");
            return id;
        } else {
            //否则按默认规则从cookie取sessionId
            return super.getSessionId(request, response);
        }
    }
}
